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Abstract 

This  is  the  final  report  for  the  DARPA-funded  Radioactive  Project,  covering  the  period  July  1999  - 
December  2003.  There  were  three  objective  of  the  project.  The  principal  one  was  to  demonstrate  use  of 
IPv6-enabled  Active  Services  at  natural  boundaries  between  network  technologies;  this  was  to  be 
Application  Level  Active  Network  (ALAN),  as  distinct  from  the  other  Active  Networking  technologies 
under  the  DARPA  programme.  The  second  objective  was  to  investigate  various  technologies  -  in 
particular  mechanisms  for  providing  Quality  of  Service  (QoS).  The  third  was  to  support  the  International 
Collaboration  Board  (ICB),  of  which  Prof  Kirstein  has  been  the  Chair  throughout  the  period  of  this  project; 
in  this  context  considerable  work  was  done  in  providing  IPv6-enabled  VPNs  in  a  manner  suitable  for 
deployment  in  the  ICB  environment.  Each  of  these  is  considered  in  turn. 

As  part  of  the  DARPA  Active  Networks  programme,  the  contractors  were  encouraged  to  collaborate  with 
others  on  the  programme  to  make  joint  demonstrations.  The  principal  demonstration  pursued  under  the 
first  of  the  above  objectives  was  for  demonstrating  IPv6-enabled  interactive  multicast,  wide-area, 
multimedia  conferencing  over  the  Xbone  as  developed  by  Joe  Touch  in  the  Dynabone  project.  This  was 
demonstrated  at  the  DANCE  meeting  between  intercontinental-separated  sites. 
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1  Introduction  and  Background 


1.1  Introduction 

This  is  the  final  report  for  the  DARPA-funded  Radioactive  Project,  funded  over  the  period  July  1999  - 
December  2003. 

There  were  three  objective  of  the  project.  The  principal  one  was  to  demonstrate  use  of  Active  Services  at 
natural  boundaries  between  network  technologies;  this  was  to  be  Application  Level  Active  Network 
(ALAN),  as  distinct  from  the  other  Active  Networking  activity  under  the  DARPA  programme.  We  stated 
that  we  would  establish  a  flexible  and  useful  infrastructure,  based  on  middleware  provided  in  other 
projects,  show  usability  with  some  applications  incorporating  security  considerations  and  IPv6,  and 
demonstrate  a  total  system  with  a  useful  functionality.  The  second  objective  was  to  investigate  Quality  of 
Service  (QoS)  routing;  this  was  because  it  was  one  of  the  possible  applications  of  the  ALAN  technology. 
The  third  was  to  support  the  International  Collaboration  Board  (ICB),  of  which  Prof  Kirstein  has  been  the 
Chair  throughout  the  period  of  this  project.  Each  of  these  is  considered  in  turn. 

The  initial  proposal  [Crowl]  had  Jon  Crowcroft  and  Peter  Kirstein  has  co-Principal  Investigators.  This  is 
reflected  in  the  joint  authorship  of  the  first  three  progress  reports  [Crow2]  —  [Crow4].  In  September  2001, 
Jon  Crowcroft  moved  to  Cambridge  University.  At  this  time  Peter  Kirstein  took  over  the  full  running  of 
the  project.  This  is  reflected  in  the  authorship  of  the  subsequent  progress  reports  [Kirs2]  -  [KirsS]. 

1 .2  Organisation  of  the  Report 

This  report  is  organised  as  follows.  We  first  review,  in  Section  2,  the  work  done  on  ALANs.  In  Section  3, 
we  then  consider  the  QoS  activity.  One  part  of  the  original  proposal  was  work  on  secure  networks.  A 
major  application  treated  in  Section  2  was  the  establishment  of  dynamic  VPNs.  For  the  International 
Collaboration  Board  (ICB),  this  area  was  also  considered  important;  our  work  here  is  described  in  Section 
4.  In  addition,  we  chaired  and  serviced  the  ICB  the  meetings  themselves;  in  Section  5,  this  activity  is 
described.  We  consider  briefly  publications  and  honours  in  Section  6.  In  Section  7,  we  review  the  use  of 
resources.  Finally,  extensive  references  are  given. 


2  Application  Level  Active  Networking 


2.1  The  Initial  Plan 

In  the  original  proposal  we  stated  that  the  main  objective  of  this  project  was  to  show  how  Application 
Level  Active  Services  could  be  used  to  provide  important  new  functionality  in  computer  networks.  The 
main  emphasis  was  to  be  on  the  demonstration  of  the  added  functionality  that  can  be  achieved;  of 
particular  importance  in  this  context  are  application-level  routing,  packet  forwarding  with  DiffServ,  and 
mechanisms  for  the  location  of  key  modules. 

Since  the  total  manpower  on  the  project  amounted  to  only  one  research  and  one  graduate  student,  there 
were  severe  limitations  on  what  could  be  tackled.  It  was  intended  from  the  beginning  that  this  work  would 
be  complementary  to  other  projects  at  UCL  in  this  field  —  in  particular  work  on  Active  Networks  under  the 
ANDROID  Project,  funded  by  the  European  Commission  (EC). 

2.2  The  Implementation 

There  were  several  distinct  phases  of  the  project.  We  had  decided  early  on  that  we  would  use  multimedia 
conferencing  as  an  application  in  the  project.  During  the  first  few  months,  we  ensured  that  the 
conferencing  would  work  in  a  securable  form.  This  was  partly  to  allow  us  to  ensure  that  the  conferencing 
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software  was  in  a  suitable  form  for  its  later  use  in  an  IPv6-enabled  form.  It  was  partly  to  provide  a  paper 
[Kirstl]  for  PISCEX-2,  which  marked  the  termination  of  one  of  the  projects  in  which  our  earlier  work  had 
been  done.  The  basic  software  we  intended  to  use  for  the  Active  Networking  was  at  the  Application  Level 
(ALAN).  A  second  strand  was  to  ensure  that  the  basic  implementation  of  ALAN,  called  FunnelWeb 
[Ghosh],  worked  well  and  could  be  IPv6  enabled.  Both  these  phases  of  the  activity  were  common  to  the 
ANDROID  and  RADIOACTIVE  projects;  both  intended  to  use  the  same  ALAN  infrastructure,  the  same 
applications  and  the  same  versions  of  IPv6. 

At  this  point  there  was  a  significant  divergence  between  ANDROID  and  RADIOACTIVE.  ANDROID  had 
partners  in  two  commercial  entities  BT  and  6WIND.  The  former  was  concerned  in  providing  a  middleware 
component  that  handled  all  the  external  communications,  management  of  the  ALANs,  and  billing 
databases.  The  latter  was  concerned  with  the  facilities  that  could  be  put  in  edge  routers.  By  contrast,  Doug 
Maughan,  the  DARPA  Active  Networks  Programme  Manager,  was  concerned  in  having  different 
contractors  in  the  programme  collaborating  in  joint  activity  and  joint  demonstrations.  This  had  two  impacts 
from  the  UCL  viewpoint.  For  reasons  of  Intellectual  Property  and  even  timescales,  it  was  impractical  to 
include  in  the  RADIOACTIVE  system  any  components  from  the  other  ANDROID  contractors.  Secondly, 
we  had  to  find  another  contractor  under  the  DARPA  programme  with  whom  we  could  collaborate. 
Luckily,  there  was  an  important  application  that  was  common  to  both  programmes  -  Virtual  Private 
Networks  (VPNs).  These  were  treated  quite  differently  in  the  two  cases.  In  ANDROID,  the  VPNs  were 
actually  constructed  in  the  edge  routers;  a  major  part  of  that  project  was  the  management  of  the  VPNs 
under  yet  another  contractor  Netcelo  [Carl2].  The  functionality  of  a  UCL  server  near  the  edge  of  each 
LAN  of  the  wide-area  network  was  to  provide  Unicast-Multicast  conversion,  provide  bandwidth  limiting 
(via  the  Transcoding  Active  Gateway  (TAG)),  and  to  invoke  the  management  system  to  set  up  the 
(Unicast)  VPNs.  Once  the  VPNs  had  been  set  up,  the  UCL  conferencing  system  operated  in  multicast 
mode  over  the  LANs,  and  could  invoke  other  sites  to  join  the  conferences  —  or  set  up  streaming  servers. 

In  ANDROID,  making  the  Netcelo  management  system  and  the  6WIND  routers  IPv6-enabled  was  a  major 
part  of  the  work.  We  had  to  make  our  server  compatible  with  their  dialogue.  In  RADIOACTIVE,  we 
teamed  up  with  Joe  Touch  at  ISI,  who  had  developed  the  Xbone  hierarchic  VPN  system  [Touch]  under  the 
programme.  Here  we  had  two  challenges;  the  first  was  to  interact  with  his  management  system  and  VPNs, 
the  second  was  to  make  his  system  IPv6-enabled.  By  the  time  of  the  Atlanta  PI  meeting  in  November 
2000,  we  had  succeeded  in  demonstrating  the  UCL  applications  in  IPv4  mode  over  Xbone  VPNs  set  up 
manually  [Crow3].  While  not  too  major  a  step  in  automation,  it  did  demonstrate  compatibility,  showed  the 
whole  system  working  over  intercontinental  WANs,  and  identified  what  components  would  require 
automation.  Joe  was  interested  in  IPv6,  but  was  not  tasked  to  do  this  at  the  time.  In  the  subsequent  18 
months,  we  made  his  system  as  IPv6-enabled  as  was  feasible  from  outside;  that  meant  that  while  the 
lowest  level  of  physical  communication  between  the  Xbone  system  and  ours  was  still  IPv4,  all  the  VPNs 
and  the  UCL  applications  were  IPv6.  We  automated  all  the  aspects  of  communication  between  the  Xbone 
and  our  servers,  and  automated  the  resource  discovery.  At  the  DANCE  conference  and  exhibition  in  May 
2002,  we  were  able  to  demonstrate  a  multi-site,  IPv6-enabled,  active  network-based,  intercontinental 
conference  system  over  the  Xbone  [KirstS],  [Kirst6]. 

With  that  demonstration,  the  experimental  part  of  our  collaboration  with  ISI  in  this  activity  ended.  We 
continued  the  development  of  the  UCL  components  like  the  TAG  in  the  ANDROID  context,  and  were  able 
to  demonstrate  a  similar  functionality  over  a  full  IPv6  network  with  dynamic  VPNs  at  the  1ST  meeting  in 
Copenhagen  in  November  2002. 

While  our  collaboration  with  ISI  stopped  in  the  context  of  this  activity,  it  has  continued  in  the  context  of 
the  VPN  work  of  Section  4.  Since  ISI  has  now  done  all  the  work  of  making  the  Xbone  properly  IPv6- 
enabled,  it  would  now  be  possible  to  run  the  ANDROID  demonstrations  in  full  over  the  5ffiONE.  In 
practice  it  is  probable  that  further  adaptation  would  be  needed  to  make  this  demonstration  in  practice, 
because  various  of  the  underlying  environments  and  their  interfaces  have  probably  changed  over  the  last 
year. 
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2.3  Meeting  the  Objectives 


The  original  objectives  included  the  following: 

•  Application  Level  Routing,  with  multimetric  criteria 

•  Inter-domain  proxylet  Services  (including  Receiver-driven  Layered  Congestion  Control  (RLC) 
algorithms 

•  Dynamic  Reservation  Protocols 

•  Object  Location  Services 

•  Security  Services 

Many  of  these  were  demonstrated  above,  including  application  level  routing,  inter-domain  proxylets,  and 
object  location.  However  some  these  were  only  done  as  protocols  by  themselves,  and  not  in  the 
demonstrations  of  this  section.  This  was  because  the  basic  technologies  to  be  demonstrated  were  changed 
as  a  result  of  the  subsequent  request  for  collaboration  with  other  partners.  In  some  cases,  like  the 
multimedia  recorder  [Lambl]  and  the  transcoding  active  gateway  [Kirs7],  proxylets  were  developed  and 
shown  in  the  demonstrators.  For  the  Security  Services,  we  concentrated  on  VPNs. 


3  Basic  Technologies 


Many  basic  technologies  -  particularly  for  QoS  -  were  examined  theoretically  and  experimentally. 

The  Quality  of  Service  algorithms  were  presented  in  several  papers  -  in  particular  [Bris],  [Carl2], 
[deMeer]  and  [Gevrl].  It  was  originally  intended  that  these  would  be  made  into  Proxylets,  and 
demonstrated  in  the  work  of  Section  2.  In  practice  the  change  of  direction  implied  by  the  integration  of  the 
UCL  work  with  the  ISI  one  did  not  allow  this  to  be  done.  The  Transcoding  Active  Gateway  [Kirs7] 
showed  another  aspect  of  QoS,  since  this  allowed  bandwidth  to  be  constrained  in  the  wireless  part  of  a 
network,  and  so  the  quality  of  audio  and  video  to  be  maintained. 

The  multimedia  recording  work  of  [Lambl]  was  suitable  for  pursuing  in  its  own  right  as  a  technology,  and 
also  demonstration  as  Proxylets.  It  was  not  shown  during  the  DANCE  demonstrations,  but  was  shown  in 
the  later  ANDROID  ones. 


4  Virtual  Private  Networks 


4.1  Activities 

One  task  in  the  original  proposal  was  to  investigate  Virtual  Private  Networks  -  particularly  in  the  context 
of  Active  Networks.  Another  was  to  support  the  International  Collaboration  Board  (ICB).  In  both  the 
ANDROID  project  and  the  work  of  Section  2,  VPNs  were  a  prime  application  for  the  demonstrators.  In 
discussions  inside  the  ICB,  in  1999,  IPv6-enabled  VPNs  were  identified  as  a  key  interest  by  the  ICB 
members.  In  view  of  this,  we  continually  reported  on  our  VPN  work  to  the  ICB;  we  also  invited  both  ISI 
and  Defence  Research  and  Development  Canada,  who  were  doing  related  work,  to  report  on  their  work  to 
the  ICB.  By  2002,  it  had  become  clear  that  the  ISI  work  on  Xbone  ([Touch]  funded  by  the  US  ICB 
member  (Doug  Maughan  and  under  Joe  Touch)  and  the  Canadian  work  on  Dynamic  VPN  Controller 
[DVC]  funded  by  the  Canadian  ICB  member  (Vince  Taylor  and  under  Joe  Spagnolo)  were  prime 
candidates.  In  addition  the  VPN  and  Public  Key  Infrastructure  activity  of  the  University  of  Murcia  [Mart], 
pursued  in  collaboration  with  UCL  under  the  aegis  of  the  Euro6IX  project  was  directly  relevant. 

During  the  period  of  this  report,  we  have  held  two  workshops  at  UCL  [Ladl]  and  [Lad2].  The  second  was 
attended  by  all  countries  active  in  the  ICB  except  the  US  -  and  there  Joe  Touch  participated  from  the  IETF 
in  Minneapolis  by  Teleconference.  The  problem  was  that  we  had  been  obliged  to  schedule  the  meeting  in 
the  middle  of  the  IETF.  The  first  workshop  identified  the  current  status  of  the  Xbone,  DVC  and  the  UMU 
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Public  Key  Infrastructure  (PKI),  and  what  needed  to  be  done  to  achieve  commonality  between  the  different 
implementations.  We  agreed  to  take  certain  steps  to  achieve  the  convergence.  The  second,  four  months 
later  and  in  juxtaposition  to  the  ICB  meeting,  reviewed  the  progress,  outlined  the  next  steps,  and  presented 
the  results  to  the  International  Collaboration  Board  (ICB).  Now  NRNS,  ISI  and  UMU  are  all  committed  to 
providing  their  forms  of  VPN.  We  will  continue  to  work  with  all  three  —  under  the  aegis  of  the  6NET 
project.  As  a  result,  we  expect  to  be  able  to  deploy  several  forms  of  IPv6-enabled  VPN  to  the  ICB  sites. 


5  ICB  Work 


5.1  ICB  Meetings  and  Web  Site 

We  continued  to  service  the  International  Collaboration  Board  (ICB)  and  act  as  its  Chair.  During  the 


period  of  the  project,  we  held  nine  ICB  meetings: 

45DND, 

Ottawa,  Canada 

46FGAN, 

Bonn,  Germany 

47  UCL, 

London,  UK 

48  DARPA, 

Washington,  USA 

49DSTL, 

Malvern,  UK 

50DRDC, 

Ottawa,  Canada 

51 NC3A, 

The  Hague,  Netherlands 

52  DARPA, 

Washington,  USA 

53  UCL, 

London,  UK 

UCL  has  been  running  a  protected  web  site  https://www~secure.cs.ucl.ac.uk/icb/  for  all  ICB  documents. 
During  the  RADIOACTrS^  project,  we  decided  that  this  web  site  should  be  improved.  We  have  put  all 
documents  related  to  the  ICB  meetings  on  the  site  -  including  the  minutes  of  most  of  the  meetings  back  to 
the  late  ‘80s.  We  also  continued  to  provide  minutes  for  the  meetings.  In  improving  the  web  site,  we  were 
greatly  aided  by  the  ICB  members  -  in  particular  John  Laws  of  the  UK  Ministry  of  Defence. 

The  semi-annual  ICB  meetings  continue  to  be  well  attended  by  most  of  the  members,  who  find  the 
material  presented  of  considerable  interest  -  and  complementary  to  that  provided  in  other  meetings  like  the 
official  NATO  and  TTGP  ones.  The  DARPA  Programme  Manager  responsible  for  the  RADIOACTIVE 
Project  has  been  the  ICB  member  from  the  US.  For  the  last  three  years,  the  DARPA  member  has  not  been 
able  to  attend  the  meeting  outside  North  America.  At  the  53”*  meeting  in  November  2003,  all  the  current 
ICB  members  were  present  except  Germany  and  the  US.  At  that  meeting,  it  was  decided  that  the  continued 
presence  of  DARPA  at  the  meetings,  and  the  implied  support  given  by  DARPA  to  the  ICB  activities,  were 
vital  to  several  of  the  partners  being  able  to  get  continued  funding  from  their  Ministries  of  Defence.  It  was 
agreed  that  Prof  Kirstein  was  to  discuss  this  situation  with  the  current  DARPA  ICB  member,  Tim  Gibson; 
if  the  relevant  US  attendance  could  not  be  assured,  then  it  was  considered  desirable  to  wind  up  the  Board. 
This  matter  is  being  discussed  between  Prof  Kirstein  and  Tim  Gibson. 
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6  Publications  and  Honours  of  Pi 


We  note  that  under  the  terms  of  the  contract,  we  are  supposed  to  inform  the  Programme  Manager  of  any 
honours  received  by  the  Principal  Investigators  and  of  any  publications. 

6.1  Honours 

As  regards  Honours,  Peter  Kirstein  received  the  following  awards  during  the  period  of  the 
RADIOACTIVE  project: 

•  The  ACM  Sigcomm  award  in  1999 

•  The  lEE  Senior  Award  in  1999 

•  Election  as  a  Foreign  Honorary  Member  of  the  American  Academy  of  Arts  and  Sciences  in  2002 

•  Commander  of  the  British  Empire  in  2003 

•  Postel  Award  in  2003 

6.2  Doctoral  Theses 

Three  theses  arose  out  of  the  work  done  in  this  project  -  though  they  started  under  the  previous  DARPA- 
funded  project  [Crowl].  The  three  are: 

[Brown]  Brown,  I:  “End-to-End  Security  in  Active  Networks”,  PhD  Thesis,  Department  of  Computer 
Science,  University  College  London,  September  2001. 

[Gevr2]  Gevros,  P  “Congestion  Control  Mechanisms  for  Scalable  Bandwidth  Sharing”,  PhD  Thesis, 
Department  of  Computer  Science,  University  College  London,  August  2003. 

[Lamb2]  Lambrinos,  L:  “Distributed  Approach  to  Multicast  Multimedia  Conference  Recording  and 
Playback,  PhD  Thesis,  Department  of  Computer  Science,  University  College  London,  December  2003. 

6.3  Publications 

[Carll]  Carlberg,  K,  P  Gevros  and  J  Crowcroft:  “Lower  than  Best  Effort:  a  Design  and 

Implementation”,  Workshop  on  Data  Communications  in  Latin  America  and  the  Caribbean,  3-5 
April  2001  San  Jose,  Costa  Rica.As  regards  publications,  the  following  have  appeared  during  the 
period  of  the  project: 

[DeMeer]  De  Meer  and  P.  O'Hanlon:  “Segmented  Adaptation  of  Traffic  Aggregates”,  to  appear  in 
IEEE  IWQoS  2001. 

Gevros]  Gevros,  P  et  al:  “Congestion  Control  Mechanisms  and  the  Best  Efforts  Service  Model”, 
IEEE  Networks,  2001. 

[Ghosh]  Ghosh,  A.,  M.  Fry  and  J.  Crowcroft:”An  Architecture  for  Application  Layer  Routing”; 
Yasuda,  H,  (Ed),  Active  Networks,  LNCS  1942,  Springer:pp.  71-86.  ISBN  3-540-41179-8 
Springer-Verlag,  October  2000. 

[Kirsl]  Kirstein,  PT,  E  Whelan  and  I  Brown:  "A  Secure  Multicast  Conferencing",  DISCEX  2000, 
pp  54-63,  IEEE  Computer  Society,  2000. 

[Kirs7]  Kirstein,  P  et  al.:  “Media  Transmission  over  Coupled  Wired/Wireless  Networks  using 
Applications  Level  Active  IPv6  Networks”,  Proc.  Converged  Networking  —  Data  and  Real-time 
Communications  over  BP,  Interworking  2002,  Kluwer  Academic  Publishers,  pp  197-211,  2002. 

[Kirsl2]:  Kirstein,  P,  M.  Lad,  A.  Skarmeta,  G.  Martinez,  J.  Touch,  S.  Zeber  and  J.  Spagnolo  “ 
Dynamic  IPv6-based  Virtual  Private  Networks”,  Global  IPv6  Launch,  Brussels,  January  15-16, 
2004. 

In  addition  there  were  several  contributions  to  the  IETF. 
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7  Use  of  Resources 


7.1  Staffing 

While  the  funding  from  DARPA  under  the  RADIOACTIVE  Project  has  funded  some  of  these  activities,  it 
has  not  been  a  very  high  proportion.  This  is  partly  because  the  project  is  only  funded  for  one  research 
student. 

The  UCL  staff  associated  with  the  RADIOACTIVE  project  have  been: 

•  Jon  Crowcroft  -  Co-PI 

•  Peter  Kirstein  -  Co-PI 

•  Ian  Brown  -  Working  on  Secure  End-to-End  flow  crossing  active  boundaries 

•  Ken  Carlberg  -  working  on  the  Proxylets  and  master  minding  the  demonstrations 

•  Panos  Gevros  -  working  on  the  QoS 

•  BCris  Hasler  has  been  developing  the  TAG 

•  Manish  Lad  working  on  VPNs 

•  Lambros  Lambrinos  working  on  the  Distributed  Recording 

•  Piers  O  ^Hanlon  working  on  the  Proxylets  and  Multimedia  and  several  of  the  demonstrations 

7.2  Travel 

The  project  played  a  major  part  in  facilitating  the  travel  of  the  project  participants  outside  Europe.  Thus  all 
the  attendance  at  the  ICB  meetings  listed  in  Section  5  were  supported  by  DARPA.  So  were  the 
demonstrations  at  Atlanta  and  San  Francisco,  the  attendance  at  the  DARPA  Active  Network  PI  meetings, 
and  the  attendance  at  many  of  the  conferences  at  which  the  presentations  of  Section  6.3  were  given. 
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